We have been seeing apps that exploit vulnerabilities in Android, with most of them attempting to gain higher privileges on user devices. In recent days, a stronger and a far more advanced Android malware named ANDROIDOS_OBAD has come into play. What seems to be a product from the same malware authors behind ANDROIDOS_JIFAKE, ANDROIDOS_OBAD is…

Last month, the hacker collective Anonymous announced their intention to launch cyber attacks against the petroleum industry (under the code name #OpPetrol) that is expected to last up to June 20. Their claimed reason for this attack is primarily due to petroleum being sold with the US dollar instead of currency of the country where…

Earlier in February we blogged about RARSTONE, a Remote Access Tool (RAT) that we discovered having some similar characteristics to PlugX, an older and more well-known RAT. In April, the same malware family used the Boston Marathon bombing as part of its social engineering bait. Since then, we’ve been looking out for further attacks using RARSTONE. We’ve…

The past few weeks have seen some very high-profile sites adopt two-factor authentication in one form or another. First was Twitter, followed soon by Evernote and Linkedin. For users of these sites, these represent a welcome improvement to their security. In the event that their password is (somehow) compromised, an attacker faces another barrier before…

Microsoft releases five security bulletins for June 2013, which is relatively light compared to previous ones. Despite this, users must update their systems immediately, to avoid possible web threats leveraging software vulnerabilities. This roster of security fixes include updates for vulnerabilities found in Windows and Internet Explorer, which were rated Critical. This means that IT…